IOC Report
Db5aU9VNyz.exe


Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Windows\System32\loaddll64.exe | loaddll64.exe "C:\Users\user\Desktop\Db5aU9VNyz.dll" | malicious |
| C:\Windows\System32\regsvr32.exe | regsvr32.exe /s C:\Users\user\Desktop\Db5aU9VNyz.dll | malicious |
| C:\Windows\System32\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\Db5aU9VNyz.dll",#1 | malicious |
| C:\Windows\System32\rundll32.exe | rundll32.exe C:\Users\user\Desktop\Db5aU9VNyz.dll,DllRegisterServer | malicious |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |
| C:\Windows\System32\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\Db5aU9VNyz.dll",#1 | |

Domains

| Name | IP | Malicious |
|---|---|---|
| s-part-0035.t-0009.t-msedge.net | 13.107.246.63 | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|
| 7FF8E83B6000 | unknown | page read and write | malicious |
| 1A4D6831000 | direct allocation | page execute and read and write | malicious |
| 256F1681000 | direct allocation | page execute and read and write | malicious |
| 7FF8E83B6000 | unknown | page read and write | malicious |
| C21000 | direct allocation | page execute and read and write | malicious |
| 7FF8E83B6000 | unknown | page read and write | malicious |
| 7FF8E83B6000 | unknown | page read and write | malicious |
| 22A4F571000 | direct allocation | page execute and read and write | malicious |
| 256F1491000 | heap | page read and write | |
| 1A4D68B5000 | heap | page read and write | |
| AA9000 | heap | page read and write | |
| 7FF8E83B5000 | unknown | page readonly | |
| 22A4F540000 | heap | page read and write | |
| B05000 | heap | page read and write | |
| 1A4D68B2000 | heap | page read and write | |
| 22A4F608000 | heap | page read and write | |
| 1A4D6888000 | heap | page read and write | |
| 7FF8E83B5000 | unknown | page readonly | |
| 256F2F24000 | heap | page read and write | |
| AE1000 | heap | page read and write | |
| C90000 | heap | page read and write | |
| 256F16B0000 | heap | page read and write | |
| 7FF8E83B1000 | unknown | page execute read | |
| 7FF8E83B5000 | unknown | page readonly | |
| AAB000 | heap | page read and write | |
| 6DE393C000 | stack | page read and write | |
| 22A4F5E0000 | heap | page read and write | |
| 256F1485000 | heap | page read and write | |
| 22A4F633000 | heap | page read and write | |
| 256F1482000 | heap | page read and write | |
| AFD000 | heap | page read and write | |
| 256F1485000 | heap | page read and write | |
| AA0000 | heap | page read and write | |
| 1A4D6780000 | heap | page read and write | |
| 22A4F61A000 | heap | page read and write | |
| 256F1420000 | heap | page read and write | |
| AF1000 | heap | page read and write | |
| 256F148D000 | heap | page read and write | |
| 22A4F5ED000 | heap | page read and write | |
| 22A51033000 | heap | page read and write | |
| 4FE86FF000 | stack | page read and write | |
| 1A4D6AA5000 | heap | page read and write | |
| B05000 | heap | page read and write | |
| 6DE3C7F000 | stack | page read and write | |
| AB7000 | heap | page read and write | |
| 22A4F5F8000 | heap | page read and write | |
| 22A51085000 | heap | page read and write | |
| 256F1450000 | heap | page read and write | |
| 1A4D83D4000 | heap | page read and write | |
| 6B1FEAC000 | stack | page read and write | |
| 25D0000 | heap | page read and write | |
| 256F1489000 | heap | page read and write | |
| 256F16BC000 | heap | page read and write | |
| 7FF8E83B0000 | unknown | page readonly | |
| 7FF8E83B1000 | unknown | page execute read | |
| 22A4F637000 | heap | page read and write | |
| 1A4D6860000 | heap | page read and write | |
| 256F4BC0000 | trusted library allocation | page read and write | |
| 7FF8E83B0000 | unknown | page readonly | |
| ADD000 | heap | page read and write | |
| 1A4D6AA0000 | heap | page read and write | |
| 6B1FF2F000 | stack | page read and write | |
| 256F3020000 | heap | page read and write | |
| 256F16B5000 | heap | page read and write | |
| 6B202FE000 | stack | page read and write | |
| 4FE88FB000 | stack | page read and write | |
| 22A4F530000 | heap | page read and write | |
| 4FE87FE000 | stack | page read and write | |
| 256F1486000 | heap | page read and write | |
| 25F0000 | heap | page read and write | |
| 22A4F63F000 | heap | page read and write | |
| 24BB000 | stack | page read and write | |
| 9A0000 | heap | page read and write | |
| 1A4D6880000 | heap | page read and write | |
| 1A4D83D0000 | heap | page read and write | |
| 256F147C000 | heap | page read and write | |
| 7FF8E83D5000 | unknown | page readonly | |
| 7FF8E83B0000 | unknown | page readonly | |
| 256F1485000 | heap | page read and write | |
| 256F13F0000 | heap | page read and write | |
| C1E000 | stack | page read and write | |
| 256F1489000 | heap | page read and write | |
| 1A4D68B6000 | heap | page read and write | |
| AD6000 | heap | page read and write | |
| 9D0000 | heap | page read and write | |
| 7FF8E83B0000 | unknown | page readonly | |
| 22A4F5B0000 | heap | page read and write | |
| 256F1458000 | heap | page read and write | |
| 1A4D68A8000 | heap | page read and write | |
| 22A4F611000 | heap | page read and write | |
| 256F1488000 | heap | page read and write | |
| 7FF8E83B5000 | unknown | page readonly | |
| 7FF8E83D5000 | unknown | page readonly | |
| 1A4D68AC000 | heap | page read and write | |
| 22A4F63F000 | heap | page read and write | |
| 7FF8E83B1000 | unknown | page execute read | |
| 7FF8E83D5000 | unknown | page readonly | |
| AD6000 | heap | page read and write | |
| 22A4F611000 | heap | page read and write | |
| 4FE834C000 | stack | page read and write | |
| 256F1478000 | heap | page read and write | |
| 6DE3CFB000 | stack | page read and write | |
| 7FF8E83D5000 | unknown | page readonly | |
| 1A4D68B5000 | heap | page read and write | |
| AE8000 | heap | page read and write | |
| 6B1FFAE000 | stack | page read and write | |
| 87B000 | stack | page read and write | |
| 256F147C000 | heap | page read and write | |
| 25F3000 | heap | page read and write | |
| 256F2F20000 | heap | page read and write | |
| 7FF8E83B1000 | unknown | page execute read | |
| 256F1478000 | heap | page read and write | |
| 1A4D68CA000 | heap | page read and write | |
| 22A51080000 | heap | page read and write | |
| 22A50F70000 | heap | page read and write | |
| 256F1400000 | heap | page read and write | |
| 1A4D67A0000 | heap | page read and write | |
| 6DE3D7F000 | stack | page read and write | |
| 8C0000 | heap | page read and write | |
| 1A4D68AC000 | heap | page read and write | |
| 1A4D68B5000 | heap | page read and write | |
| 1A4D66A0000 | heap | page read and write | |
| 1A4D68A3000 | heap | page read and write | |
| 22A4F622000 | heap | page read and write | |
| 256F148A000 | heap | page read and write | |
| C95000 | heap | page read and write | |
| 22A51030000 | heap | page read and write | |
| 256F2E60000 | heap | page read and write | |
| 22A4F63E000 | heap | page read and write | |
| 256F1487000 | heap | page read and write | |
| 6DE39BF000 | stack | page read and write | |
| A8E000 | stack | page read and write | |
There are 122 further memdumps that are hidden in the report view and are not listed here.